package auth

import (
	"nixcn-cms/internal/cryptography"

	"github.com/gin-gonic/gin"
	"github.com/spf13/viper"
)

func Refresh(c *gin.Context) {
	var req struct {
		RefreshToken string `json:"refresh_token"`
	}

	if err := c.ShouldBindJSON(&req); err != nil {
		c.JSON(400, gin.H{"error": "invalid request"})
		return
	}

	JwtTool := cryptography.Token{
		Application: viper.GetString("server.application"),
	}

	access, err := JwtTool.RefreshAccessToken(req.RefreshToken)
	if err != nil {
		c.JSON(401, gin.H{"error": "invalid refresh token"})
		return
	}

	err = JwtTool.RevokeRefreshToken(req.RefreshToken)
	if err != nil {
		c.JSON(500, gin.H{"status": "cannot revoke refresh token"})
	}

	refresh, err := JwtTool.GenerateRefreshToken()
	if err != nil {
		c.JSON(401, gin.H{"status": "cannot generate new refresh token"})
	}

	c.JSON(200, gin.H{
		"access_token":  access,
		"refresh_token": refresh,
	})
}